Major Tech Companies Finally Endorse Federal Privacy Regulation

The major tech companies, scared that states like California might impose actual privacy regulations, have now decided that they can better lobby the federal government for much weaker national legislation that will preempt any stricter state measures.

I'm sure they'll still do all they can to weaken the California law, but they know they'll do better at the national level.

Posted on September 28, 2018 at 1:19 PM • 14 Comments

Comments

HmmSeptember 28, 2018 1:28 PM

Corporate lobbying is the scourge of representative governance.

It's a dark day in the US when we have to geo-pretend to be Europeans to get basic privacy protections.

We need a boycott campaign, pronto.

David BrunowSeptember 28, 2018 3:21 PM

More interesting to me is the fact that perhaps the biggest privacy violator of them all, Facebook, was not one of the endorsers.

AlejandroSeptember 28, 2018 3:31 PM

What WE need is a privacy law that essentially says our private electronic data and identity is PROPERTY and thus protected by law and the Constitution.

We could then insure our data like it was a car that was stolen. Also, corporations could be sued up the kazoo for stealing, losing or abusing our private electronic property.

Thus, we can see why the big corporations want to have a hand in writing any new privacy laws. We might guess any new law they create will read like the current standard TOS privacy rights policy, summed up:

"You don't got any."

RickSeptember 28, 2018 6:10 PM

@Hmm:


yes, the reflexive "there oughta be a law" instinct.

America already has well over 400,000 laws on the books-- is that really insufficient.

HmmSeptember 28, 2018 8:31 PM

"the reflexive "there oughta be a law" instinct."

You mean there oughtta be a boycott instinct? Read it again, Sam.

I called for pressure on corporate lobbying which, yes, actually does affect the new laws coming down the pipe. They write them on behalf of their corporate patron fiefdom, and the "representative of the people" (-sic) rubber stamps them for industry support, campaign donations, or as part of a more generalized political cabal. That process subverts the actual purpose of representation, with now-unlimited funding.

"America already has well over 400,000 laws on the books"

Life is complex, so would you expect law to be extremely simple and one-size-fits-all?
That makes sense.

I don't think you want to rely on "instinct" in designing equitable systems built to last...
But I won't cast your vote for you, Rick.


ALSeptember 28, 2018 9:27 PM

I think the impetus of lobbying for federal legislation is so tech companies don't have to deal with a patchwork of state regulation.

But, they'll still have to navigate GDPR though. Last I heard, the Los Angeles Times and Chicago Tribune are blocking European access.

I think we're headed towards a balkanized internet (splinternet). But who wants it balkanized by state?

HmmSeptember 29, 2018 10:18 PM

Anyone is free to walk or talk at any time, but if you drop cash on something, it ought to be registered.

That's a fundamental I didn't invent.

Clive RobinsonSeptember 30, 2018 12:50 AM

@ Hmm,

We need a boycott campaign, pronto.

@ A Nonny Bunny,

You need a strong consumer lobby.

@ Alejandro,

What WE need is a privacy law that essentially says our private electronic data and identity is PROPERTY and thus protected by law and the Constitution.

@ How's that,

Perhaps you meant a walk-out?

All methods that might or might not work to a lessor or greator extent.

However there is another opption to consider as well,

    Make corporate lobbying illegal

That is treat it for what much of it is "bribary" it only works because the politicos get something out of it, that is, there is a "benifit" in money, goods, or services in some kind.

However as @Rick notes,

America already has well over 400,000 laws on the books-- is that really insufficient.

The answer is both yes and no, society moves thus new legislation or modification to existing laws is required. Thus over time all you realy end up with is a realy messy audit trail. But even this has purpose in that study of it should stop mistakes being repeated...

Thus the elephant in the room is poor or bad legislation that has either hidden purpose --beware Greeks bearing gifts-- or suffer from the "law of unintended consequences".

Thus can we get around enacting potentially poor or bad legislation that will come back to bite us?

Yes I think we can.

As @Hmm notes,

Anyone is free to walk or talk at any time, but if you drop cash on something, it ought to be registered.

Which is actually a call for much greater transparancy not just on the "benifits" but what the benifit was for.

That is a benifit might be "pre written legislation from corporate lawyers" as a "gift"... However such gifts can and often do act like malware, they are "trojaned" in some way that is almost impossible to see without knowing the intent behind it.

So can it be done without legislation? Ultimately no, but is there existing legislation or past legislation we could use as guidence.

Well I think there might be.

There used to be "right to reply" legislation with regards broadcast advertising. That is you had a right to have an opposing opinion given of equal duration as the advertisment. It was quickly detested by corporates for obvious reasons.

Thus how about having two things,

1, all lobying of any kind must be done in public with all benifits and interests not just declared but open for inspection at any time.

2, A right of reply, that is non corporate entities such as charaties, NGO's, consumer groups, etc, are entitled to equal time with any politician, again fully in public and any benifits and interests made fully public.

Whilst not perfect by any means the more transparancy and accountability there is the harder it will be for lobyists to make undesirable deals out of sight.

Oh and just to help it along "parity sentencing" if a politician or lobyist is caught trying to do an out of sight deal, then both go to jail for the same period of time etc, with consideration given for "rating out" the approaching party.

In effect establishing and policing an "honour code".


TheInformedOneOctober 1, 2018 6:14 AM

Ahhh...the American dream. Where else in the world can a pauper come to the U.S. and work hard and (with a little luck) rise to the level of a king with riches and a large palace. Much of America is base on free enterprise principles. So how can we then say it is illegal to make money from the exploitation of peoples privacy? After all, nobody has really cared about data mining for the last 30 or so years. Are we just big hypocrites?

Esso TigerOctober 2, 2018 5:53 PM

The foregoing is academic. The new US-M-CA trade agreement provides that:

Article 19.8: Personal Information Protection
1. The Parties recognize the economic and social benefits of protecting the personal information of users of digital trade and the contribution that this makes to enhancing consumer confidence in digital trade.
2. To this end, each Party shall adopt or maintain a legal framework that provides for the protection of the personal information of the users of digital trade. In the development of its legal framework for the protection of personal information, each Party should take into account principles and guidelines of relevant international bodies, such as the APEC Privacy Framework and the OECD Recommendation of the Council concerning Guidelines governing the Protection
of Privacy and Transborder Flows of Personal Data (2013).
3. The Parties recognize that these key principles include: limitation on collection; choice; data quality; purpose specification; use limitation; security safeguards; transparency; individual participation; and accountability. The Parties also recognize the importance of ensuring compliance with measures to protect personal information and ensuring that any restrictions on cross-border flows of personal information are necessary and proportionate to the risks presented.
4. Each Party shall endeavor to adopt non-discriminatory practices in protecting users of digital trade from personal information protection violations occurring within its jurisdiction.
5. Each Party shall publish information on the personal information protections it provides to users of digital trade, including how:
(a) individuals can pursue remedies; and
(b) business can comply with any legal requirements.
6. Recognizing that the Parties may take different legal approaches to rotecting personal information, each Party should encourage the development of mechanisms to promote compatibility between these different regimes. The Parties shall endeavor to exchange information on the mechanisms applied in their jurisdictions and explore ways to extend these or other suitable arrangements to promote compatibility between them. The Parties recognize that the APEC CrossBorder Privacy Rules system is a valid mechanism to facilitate cross-border information transfers while protecting personal information.

WeatherOctober 2, 2018 6:04 PM

Esso
Thank you,the people here might be not for it,but the first three,no the last one yes,so hang me

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.